Documentation_networking_filter

Source: Internet  Editor: 程序博客网  Time: 2024/06/14 20:00
Chinese translated version of Documentation/networking/filter


If you have any comment or update to the content, please contact the
original document maintainer directly.  However, if you have a problem
communicating in English you can also ask the Chinese maintainer for
help.  Contact the Chinese maintainer if this translation is outdated
or if there is a problem with the translation.


Chinese maintainer: 潘丽卡  774945605@qq.com
Chinese translator: 潘丽卡  774945605@qq.com
Chinese proofreader: 黄佳露  799942107@qq.com

The main text follows
---------------------------------------------------------------------




filter.txt: Linux Socket Filtering
Written by: Jay Schulist <jschlst@samba.org>


Introduction
============


Linux Socket Filtering is derived from the Berkeley
Packet Filter. There are some distinct differences between
the BSD and Linux Kernel Filtering.






Linux Socket Filtering (LSF) allows a user-space program to
attach a filter onto any socket and allow or disallow certain
types of data to come through the socket. LSF follows exactly
the same filter code structure as the BSD Berkeley Packet Filter
(BPF), so referring to the BSD bpf.4 manpage is very helpful in
creating filters.






LSF is much simpler than BPF. One does not have to worry about
devices or anything like that. You simply create your filter
code, send it to the kernel via the SO_ATTACH_FILTER option and
if your filter code passes the kernel check on it, you then
immediately begin filtering data on that socket.








You can also detach filters from your socket via the
SO_DETACH_FILTER option. This will probably not be used much
since when you close a socket that has a filter on it the
filter is automagically removed. The other less common case
may be adding a different filter on the same socket where you had another
filter that is still running: the kernel takes care of removing
the old one and placing your new one in its place, assuming your
filter has passed the checks, otherwise if it fails the old filter
will remain on that socket.






The SO_LOCK_FILTER option allows locking the filter attached to a
socket. Once set, a filter cannot be removed or changed. This allows
one process to set up a socket, attach a filter, lock it, then drop
privileges and be assured that the filter will be kept until the
socket is closed.




Examples
========


Ioctls-
setsockopt(sockfd, SOL_SOCKET, SO_ATTACH_FILTER, &Filter, sizeof(Filter));
setsockopt(sockfd, SOL_SOCKET, SO_DETACH_FILTER, &value, sizeof(value));
setsockopt(sockfd, SOL_SOCKET, SO_LOCK_FILTER, &value, sizeof(value));


See the BSD bpf.4 manpage and the BSD Packet Filter paper written by
Steven McCanne and Van Jacobson of Lawrence Berkeley Laboratory.

